The Claims 

1. (Currently amended) A method implemented at least in part by a 
com puting device, the method comprising: 

generating a manifest to computer readable medium having stored thereon a 
data structure -that describe[[s]] what types of binaries can be loaded into a process 
space for a trusted application, the data structure manifest comprising: 

a first portion including data representing a unique identifier of the 

trusted application; 

a second portion including data indicating whether a particular one 

or more binaries can be loaded into the process space for the trusted 

application; and 

a third portion derived from the data in both the first portion and the 
second portion by generating a digital signature over the first and second 
portions ; and 

a fourth portion that includes data representing a list of one or more 
export statements that allow a secret associated with the trusted application 
to be exported to another trusted application ; 

wherein each of the one or more export statements comprises: 
an identifier of the manifest; 

an identifier of another manifest that corresponds to the 
trusted application to which the secret is to be exported; and 

a digital signature over both the identifier of the manifest and 
the identifier of the other manifest . 
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2. (Currently amended) A method c omput e r readable medium as 
recited in claim 1, wherein the data structure, wh e n populated with data, is a 
manifest corresponding to the trusted application, and wherein the unique 
identifier of the trusted application comprises: 

a public key of a public-private key pair of a party that generates the 
manifest; 

an identifier of the party that generates the manifest; and 
a version number of the manifest. 

3. (Currently amended) A method computer readabl e medium as 
recited in claim 1, wherein the data in the second portion comprises: 

a list of one or more hashes of certificates that certify public keys which 
correspond to private keys that were used to sign the certificates that correspond to 
binaries that are authorized to execute in the process space. 

4. (Currently amended) A method computer readabl e medium as 
recited in claim 3, wherein the data in the second portion further comprises: 

a list of one or more additional hashes of certificates that certify public keys 
which correspond to private keys that were used to sign the certificates that 
correspond to binaries that are not authorized to execute in the process space. 
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5. (Currently amended) A method computer readable medium as 
recited in claim 1, wherein the data in the second portion comprises: 

a list of one or more certificates that certify public keys which correspond 
to private keys that were used to sign the certificates that correspond to binaries 
that are authorized to execute in the process space. 

6. (Currently amended) A method computer readable medium as 
recited in claim 5, wherein the data in the second portion further comprises: 

a list of one or more additional certificates that certify public keys which 
correspond to private keys that were used to sign the certificates that correspond to 
binaries that are not authorized to execute in the process space. 

7. (Currently amended) A method computer readable medium as 
recited in claim 1, wherein the data in the second portion comprises: 

a list of one or more public keys which correspond to private keys that were 
used to sign the certificates that correspond to binaries that are authorized to 
execute in the process space. 

8. (Currently amended) A method computer r e adable medium as 
recited in claim 7, wherein the data in the second portion further comprises: 

a list of one or more public keys which correspond to private keys that were 
used to sign the certificates that correspond to binaries that are not authorized to 
execute in the process space. 
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9. (Canceled). 



10. (Canceled). 

11. (Currently amended) A method computer readable medium as 
recited in claim I[[10]], wherein at least one of the one or more export statements 
comprises: 

an identification of a particular computing device on which the at least one 
export statement is useable. 

12. (Currently amended) A method computer readable medium as 

recited in claim 1, wherein the data structure further comprises: 

an additional anoth e r portion that includes data representing a set of 
properties corresponding to the data structure. 

13. (Currently amended) A method computer readable medium as 
recited in claim 12, wherein the set of properties includes: 

whether the trusted application is debuggable. 

14. (Currently amended) A method computer readable medium as 
recited in claim 12, wherein the set of properties includes: 

whether to allow an additional binary to be added to the process space after 
the trusted application begins executing. 
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15. (Currently amended) A method computer readable medium as 
recited in claim 12, wherein the set of properties includes: 

whether to allow implicit upgrades to a higher version number. 

16. (Currently amended) A method computer readable -med i u m as 
recited in claim 1, wherein the data structure further comprises: 

an additional another portion that includes data representing a list of entry 
points into the executing trusted application. 

17-76. (Canceled). 
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